no inet from clients & mysql tables topics

mfred freeradius at zilka.at
Fri Dec 16 13:42:30 CET 2005


Hi again,

thx 2 all who helped me until now with my freeradius project.  I made
many advancings but have 2 issues which I cant figure out.

1)
My client gets authenticated if I use the users file (testentry from
howto of Christoph Gravier)

        Sending Accounting-Response of id 2 to 192.168.0.8:32780

but it dont get authenticated if I use sql entries

        radius output:
        
        rad_recv: Access-Request packet from host 192.168.0.8:32782,
        id=0, length=199
                User-Name = "sqltest2"
                User-Password = "sqltest2"
                NAS-IP-Address = 192.168.0.8
                Service-Type = Login-User
                Framed-IP-Address = 192.168.182.3
                Calling-Station-Id = "00-E0-98-35-00-28"
                Called-Station-Id = "00-02-B3-4C-95-89"
                NAS-Identifier = "nas01"
                Acct-Session-Id = "43a2af6200000000"
                NAS-Port-Type = Wireless-802.11
                NAS-Port = 0
                Message-Authenticator =
        0x79af42dc40dbe6235bcf8585938c6a02
                WISPr-Logoff-URL = "http://192.168.182.1:3990/logoff"
          Processing the authorize section of radiusd.conf
        modcall: entering group authorize for request 13
          modcall[authorize]: module "preprocess" returns ok for request
        13
            users: Matched entry DEFAULT at line 152
          modcall[authorize]: module "files" returns ok for request 13
        radius_xlat:  'sqltest2'
        rlm_sql (sql): sql_set_user escaped user --> 'sqltest2'
        radius_xlat:  'SELECT id,UserName,Attribute,Value,op FROM
        radcheck WHERE
        Username = 'sqltest2' ORDER BY id'
        rlm_sql (sql): Reserving sql socket id: 1
        radius_xlat:  'SELECT
        radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
         FROM radgroupcheck,usergroup WHERE usergroup.Username =
        'sqltest2' AND
        usergroup.GroupName = radgroupcheck.GroupName ORDER BY
        radgroupcheck.id'
        radius_xlat:  'SELECT id,UserName,Attribute,Value,op FROM
        radreply WHERE
        Username = 'sqltest2' ORDER BY id'
        radius_xlat:  'SELECT
        radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
         FROM radgroupreply,usergroup WHERE usergroup.Username =
        'sqltest2' AND
        usergroup.GroupName = radgroupreply.GroupName ORDER BY
        radgroupreply.id'
        rlm_sql (sql): Released sql socket id: 1
          modcall[authorize]: module "sql" returns ok for request 13
        modcall: group authorize returns ok for request 13
          rad_check_password:  Found Auth-Type System
        auth: type "System"
          Processing the authenticate section of radiusd.conf
        modcall: entering group authenticate for request 13
          modcall[authenticate]: module "unix" returns notfound for
        request 13
        modcall: group authenticate returns notfound for request 13
        auth: Failed to validate the user.
        Login incorrect: [sqltest2/sqltest2] (from client 192er-testnetz
        port 0 cli
        00-E0-98-35-00-28)
        
my sql table (only radcheck entries, all others are empty):

        mysql> select * from radcheck;
        +----+----------+---------------+----+----------+
        | id | UserName | Attribute     | op | Value    |
        +----+----------+---------------+----+----------+
        |  1 | mfred    | User-Password | := | test     |
        |  7 | sqltest  | Password      | := | sqltest  |
        |  8 | sqltest2 | User-Password | := | sqltest2 |
        |  9 | sqltest3 | User-Password | == | sqltest3 |
        | 10 | argl     | User-Password | == | argl     |
        +----+----------+---------------+----+----------+

I tried different Attribute/op entries as I dont know exactly which are
good. The different howto's out there are not clear about this. Maybe
its version dependent?

---------------------------------------

2)

My next problem is that even if I get conneted with my local user I dont
have Internet access from the clients.
I only can ping 192.168.182.1 but nothing more.
>From the Server

If you woulbe be so kind again and help me in these topics I would be
very happy and my weekend is maybe saved this time :)

br,
mfred





More information about the Freeradius-Users mailing list